I don’t use Windows often. Much of my time is spent in Arch Linux except on the rare occasion I have an interest in doing something that requires Windows (typically gaming or Reason). Imagine my surprise when I booted in Windows about a week or two ago and started noticing a series of processes consuming a significant amount of disk bandwidth and appearing to scan the entirety of a) installed applications and b) everything in my user profile directory.

It turns out that sometime late last year (November 2018, possibly earlier), Microsoft released a series of patches for “reliability improvements” which include the “remediation service” that performs a few interesting tasks. Notably, this includes a service that “may compress files in your user profile directory to help free up enough disk space to install important updates.” If you’ve seen sedlauncher.exe in Windows Resource Monitor, it belongs to the remediation service and is the tool designed to scan your user profile directory, presumably for files that may be candidates for compression.

sedlauncher.exe’s malware-like behavior stems from the fact that a) it isn’t strictly launched when Windows Update requires additional space and b) it performs a thorough scan of everything in the user profile directories (pidgin chat logs, pictures, media, desktop files–everything). I assume this is because it is collating a list of files it would compress in the event Windows Update runs out of space based on some heuristic, but what perplexes me is that it is impossible to tell precisely how well a file will compress until the file is actually compressed. Yes, there are a few heuristics you could apply (it is a file type known to compress well) but these don’t always hold true: Imagine a virtual machine image that contains a large number of compressed archives. VM images do compress well, generally, but only because the contents of the image aren’t typically compressed. But this also presents the question: Why scan for compression targets when there’s already plenty of disk space available to Windows Update? What exactly is this tool doing?

Most guides online direct visitors to one of two solutions: Remove the applicable updates or disable the Windows Remediation Service. The former isn’t a sustainable solution, because the updates will eventually be applied or because Windows’ stellar history of absolutely no security flaws (sarcasm) strongly suggests skipping updates isn’t wise. Curiously, the latter option–that is, disabling the culprit service–appears to be a foolhardy solution as well, because sedlauncher.exe returns, diligently, to its previous state of scanning everything it can access. It’s likely Windows Remediation Service scanners are launched via the task scheduler, but I’ve yet to find exactly where or how.

There is one particular solution that might work. Unlike most other core Windows tools, sedlauncher.exe is not contained in the Windows root. Instead, it resides under C:\Program Files\rempl. This rather bizarre choice suggests Microsoft has a keen interest in packaging this tool separately for other operating systems or wishes to disguise it as an installed application to keep it from prying eyes. You decide.

I’ve found renaming sedlauncher.exe to something else appears to work as a temporary solution (but only temporary) with the appropriate caveats applied (exercise caution as this may break things). I expect it to be reinstalled with a future update, but for now it won’t be scanning my profile directory for files to assault. Whether this works in your case (or not) is left as an exercise to the reader, but be aware this may break other parts of Windows Update. I have no idea how deep the tendrils of this telemetry run into the dark recesses of Windows 10.
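
One way to look for the launch mechanism the post has not located, as an added example (not from the original post or from Microsoft): a read-only PowerShell inventory of scheduled tasks and services whose command points into C:\Program Files\rempl, plus the Authenticode status of the executables there. It assumes the install path given above and an elevated prompt, and it changes nothing on the system.

```powershell
# Added example: read-only inventory of what launches binaries from the rempl directory.
# Run from an elevated PowerShell prompt so that all tasks and services are visible.
$remplDir = 'C:\Program Files\rempl'   # install path named in the post (assumed unchanged)

# Scheduled tasks with an exec action whose program resolves under $remplDir.
$taskHits = foreach ($task in Get-ScheduledTask) {
    foreach ($action in $task.Actions) {
        if (-not $action.Execute) { continue }   # COM-handler actions have no Execute
        # Task actions may be quoted and may use %ProgramFiles%-style variables.
        $exe = [Environment]::ExpandEnvironmentVariables($action.Execute).Trim('"')
        if ($exe -like "$remplDir\*") {
            $info = $task | Get-ScheduledTaskInfo -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Kind    = 'ScheduledTask'
                Name    = $task.TaskPath + $task.TaskName
                State   = $task.State
                Command = "$exe $($action.Arguments)".Trim()
                LastRun = $info.LastRunTime
                NextRun = $info.NextRunTime
            }
        }
    }
}

# Services whose image path points into the same directory.
$serviceHits = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.PathName -like "*$remplDir\*" } |
    ForEach-Object {
        [pscustomobject]@{
            Kind    = 'Service'
            Name    = $_.Name
            State   = "$($_.State) / $($_.StartMode)"
            Command = $_.PathName
            LastRun = $null
            NextRun = $null
        }
    }

# Authenticode status of the executables, to confirm who signed them.
$signatures = Get-ChildItem -Path $remplDir -Filter *.exe -Recurse -ErrorAction SilentlyContinue |
    Get-AuthenticodeSignature |
    Select-Object Path, Status, @{ n = 'Signer'; e = { $_.SignerCertificate.Subject } }

@($taskHits) + @($serviceHits) | Format-Table -AutoSize -Wrap
$signatures | Format-Table -AutoSize -Wrap
```

An empty first table means nothing registered with Task Scheduler or the service manager points at that directory by full path; a task that starts the program indirectly would not be matched by this path filter.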

I was reading this piece on Slashdot a couple of days ago, slightly infuriated, because I’ve actually had very few issues running Windows 7–with some exceptions. I’m glad that Ars Technica has come out to set the record straight.

UPDATE

Turns out that there’s some speculation the individual who brought the memory issues to the forefront is a fraud.

Anyway, look forward to seeing another link of the week in a few days. I’ve been getting caught up with a couple of things, including a personal project in my free time that might be of interest (more on that in another post). Actually, I have several; there’s one in particular that I’ve found rather captivating. Stay tuned! If I get around to it, I’ll post a little tomorrow.

Windows’ cmd.exe is pretty anemic and just doesn’t have the feel of a real command line. (It isn’t.) PowerShell is cute and has its uses for poking around with COM objects and the like, but for common tasks it seems ridiculously verbose and unnecessary. Cygwin alleviates much of this in a Windows environment and grants those of us who use proper shells a method of interfacing with Windows. Well, kind of!

Unfortunately, Cygwin 1.7 has moved a few things around. Geeks like me tend to use telnet to verify connectivity to other hosts, communicate directly with certain services (hey, HTTP isn’t that difficult), and troubleshoot. However…

[gridlock-x:~]$ which telnet
/cygdrive/c/WINDOWS/system32/telnet

Hmmmm… this isn’t good. Windows’ telnet is terrible. More importantly, it doesn’t work in Cygwin. After some exploration, it would seem that the Cygwin folks have consolidated telnet and a few other useful utilities into a single package.

If your distribution doesn’t have telnet available, make sure to run the setup utility again and select the “inetutils” package. Once you’ve finished up the installation (again), it’ll install only the changed package, and you’ll have access to telnet again. Hooray!

Although Cygwin 1.7 is still in beta, the developers are encouraging everyone to give it a try. What can I say? It has a lot of nice improvements over the 1.5 branch. Heck, it even finally comes with a decent icon for a pre-configured rxvt shortcut! Now that’s classy.